GlitchHunter1/Shellcode-Loader---AV-Evasion

Shellcode Loader: AV Evasion

A Windows shellcode loader with RC4 encryption and process injection via Early Bird APC.


Files

File                 Description
loader.c             Main loader: RC4 decrypt + APC injection into suspended process
shell-enc.py         Encrypts raw shellcode with RC4
generate_loader.py   Generates complete loader.c with shellcode already embedded
dll.c                DLL payload
dll-sideloading.c    DLL sideloading technique

Usage

1. Encrypt your shellcode

python shell-enc.py

Copy the output array into loader.c inside encrypted_shellcode[].

2. Or generate the full loader automatically

python generate_loader.py <shellcode.bin>

Outputs a ready-to-compile loader.c with shellcode already embedded.

3. Compile

MSVC:

cl.exe loader.c /link /OUT:loader.exe

4. Run

loader.exe

Requirements

  • Windows
  • Python 3 + pycryptodome (pip install pycryptodome)
  • MinGW or MSVC

About

A custom Windows shellcode loader that studies execution, memory, and evasion from the attacker’s view. Built to evade AVs, static signatures, and heuristic-based signatures.
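
Detection note (an added example, not code from this repository): RC4 encryption changes the bytes a static scanner sees, but Early Bird APC injection into a suspended process still leaves an ordered sequence of cross-process operations that behavioral telemetry can correlate. The correlator below runs over constructed records; the event names and field names are assumptions for this example, not a real sensor's schema.

```python
# Constructed telemetry, one record per observed cross-process operation.
# Schema (event, src_pid, dst_pid, tid, suspended, image) is assumed for this example.
SAMPLE_EVENTS = [
    {"ts": 1, "event": "process_create", "src_pid": 4100, "dst_pid": 5200,
     "image": "notepad.exe", "suspended": True},
    {"ts": 2, "event": "process_create", "src_pid": 3000, "dst_pid": 5300,
     "image": "updater.exe", "suspended": True},   # benign launcher, no write or APC
    {"ts": 3, "event": "remote_write", "src_pid": 4100, "dst_pid": 5200},
    {"ts": 4, "event": "queue_apc", "src_pid": 4100, "dst_pid": 5200, "tid": 5204},
    {"ts": 5, "event": "resume_thread", "src_pid": 3000, "dst_pid": 5300, "tid": 5304},
    {"ts": 6, "event": "resume_thread", "src_pid": 4100, "dst_pid": 5200, "tid": 5204},
    {"ts": 7, "event": "queue_apc", "src_pid": 3000, "dst_pid": 5300, "tid": 5304},
]


def detect_early_bird(events):
    """Alert on a process that is created suspended, written to by its creator,
    has an APC queued by its creator, and only then has that thread resumed."""
    pending = {}   # child pid -> state, tracked only until the first resume
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        kind, src, dst = ev["event"], ev["src_pid"], ev["dst_pid"]
        if kind == "process_create":
            if ev.get("suspended"):
                pending[dst] = {"creator": src, "image": ev["image"],
                                "writes": 0, "apc_tids": set()}
            continue
        state = pending.get(dst)
        if state is None or state["creator"] != src:
            continue   # target is not a tracked suspended child of this actor
        if kind == "remote_write":
            state["writes"] += 1
        elif kind == "queue_apc":
            state["apc_tids"].add(ev["tid"])
        elif kind == "resume_thread":
            if state["writes"] and ev["tid"] in state["apc_tids"]:
                alerts.append({"ts": ev["ts"], "creator": src, "child": dst,
                               "image": state["image"], "tid": ev["tid"]})
            del pending[dst]   # the "early" window closes at the first resume
    return alerts


if __name__ == "__main__":
    for alert in detect_early_bird(SAMPLE_EVENTS):
        print(alert)
```

The benign launcher (PID 3000) creates its child suspended and resumes it without writing to it, so it produces no alert; its later APC arrives after the window has closed and is ignored.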
